ReportizFlow
Filtered by vendor
Subscriptions
Total
5490 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58315 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 5.5 Medium |
| Permission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-58312 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 5.1 Medium |
| Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58309 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 6.8 Medium |
| Permission control vulnerability in the startup recovery module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2025-58294 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 6.2 Medium |
| Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2013-5598 | 1 Mozilla | 1 Firefox | 2025-11-25 | N/A |
| PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object. | ||||
| CVE-2015-0816 | 2 Mozilla, Redhat | 3 Firefox, Thunderbird, Enterprise Linux | 2025-11-25 | N/A |
| Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js. | ||||
| CVE-2015-0801 | 2 Mozilla, Redhat | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2025-11-25 | N/A |
| Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818. | ||||
| CVE-2014-5415 | 1 Beckhoff | 2 Embedded Pc Images, Twincat | 2025-11-05 | 9.1 Critical |
| Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service. | ||||
| CVE-2014-5412 | 2 Aveva, Schneider-electric | 2 Clearscada, Scada Expert Clearscada | 2025-11-05 | N/A |
| Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account. | ||||
| CVE-2015-1318 | 1 Apport Project | 1 Apport | 2025-11-03 | N/A |
| The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container). | ||||
| CVE-2014-2349 | 1 Emerson | 1 Deltav | 2025-11-01 | N/A |
| Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program. | ||||
| CVE-2025-58282 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 2.8 Low |
| Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-58285 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 5.3 Medium |
| Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-58283 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 5.5 Medium |
| Permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-54654 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 6.2 Medium |
| Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality | ||||
| CVE-2025-58284 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 5.9 Medium |
| Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-58293 | 1 Huawei | 1 Harmonyos | 2025-10-20 | 5.5 Medium |
| Vulnerability of improper exception handling in the print module. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2014-2375 | 1 Ecava | 1 Integraxor | 2025-10-14 | N/A |
| Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature. | ||||
| CVE-2014-2347 | 1 Amtelco | 1 Misecuremessages | 2025-10-03 | N/A |
| Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request. | ||||
| CVE-2024-53137 | 1 Linux | 1 Linux Kernel | 2025-10-02 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ARM: fix cacheflush with PAN It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault. | ||||